Date: Friday, November 10, 2017 @ 22:51:11 Author: jgc Revision: 309409
upgpkg: libimobiledevice 1.2.0+66+g5a85432-1 Modified: libimobiledevice/trunk/PKGBUILD Deleted: libimobiledevice/trunk/0001-Add-new-function-to-get-the-underlying-file-descript.patch libimobiledevice/trunk/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch libimobiledevice/trunk/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch libimobiledevice/trunk/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch libimobiledevice/trunk/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch libimobiledevice/trunk/CVE-2016-5104.patch -----------------------------------------------------------------+ 0001-Add-new-function-to-get-the-underlying-file-descript.patch | 62 --- 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch | 41 -- 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch | 54 --- 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch | 29 - 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch | 171 ---------- CVE-2016-5104.patch | 31 - PKGBUILD | 48 +- 7 files changed, 20 insertions(+), 416 deletions(-) Deleted: 0001-Add-new-function-to-get-the-underlying-file-descript.patch =================================================================== --- 0001-Add-new-function-to-get-the-underlying-file-descript.patch 2017-11-10 22:45:23 UTC (rev 309408) +++ 0001-Add-new-function-to-get-the-underlying-file-descript.patch 2017-11-10 22:51:11 UTC (rev 309409) @@ -1,62 +0,0 @@ -From 692f7c9de72ca7fcaba51659972270d445751438 Mon Sep 17 00:00:00 2001 -From: BALATON Zoltan <bala...@eik.bme.hu> -Date: Wed, 23 Sep 2015 02:19:27 +0200 -Subject: [PATCH] Add new function to get the underlying file descriptor of an - idevice connection - ---- - include/libimobiledevice/libimobiledevice.h | 10 ++++++++++ - src/idevice.c | 16 ++++++++++++++++ - 2 files changed, 26 insertions(+) - -diff --git a/include/libimobiledevice/libimobiledevice.h b/include/libimobiledevice/libimobiledevice.h -index 016cadb..b125adf 100644 ---- a/include/libimobiledevice/libimobiledevice.h -+++ b/include/libimobiledevice/libimobiledevice.h -@@ -239,6 +239,16 @@ idevice_error_t idevice_connection_enable_ssl(idevice_connection_t connection); - */ - idevice_error_t idevice_connection_disable_ssl(idevice_connection_t connection); - -+/** -+ * Get the underlying file descriptor for a connection -+ * -+ * @param connection The connection to get fd of -+ * @param fd Pointer to an int where the fd is stored -+ * -+ * @return IDEVICE_E_SUCCESS if ok, otherwise an error code. -+ */ -+idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd); -+ - /* misc */ - - /** -diff --git a/src/idevice.c b/src/idevice.c -index b776e84..5912aeb 100644 ---- a/src/idevice.c -+++ b/src/idevice.c -@@ -463,6 +463,22 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive(idevice_connecti - return internal_connection_receive(connection, data, len, recv_bytes); - } - -+LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd) -+{ -+ if (!connection || !fd) { -+ return IDEVICE_E_INVALID_ARG; -+ } -+ -+ idevice_error_t result = IDEVICE_E_UNKNOWN_ERROR; -+ if (connection->type == CONNECTION_USBMUXD) { -+ *fd = (int)(long)connection->data; -+ result = IDEVICE_E_SUCCESS; -+ } else { -+ debug_info("Unknown connection type %d", connection->type); -+ } -+ return result; -+} -+ - LIBIMOBILEDEVICE_API idevice_error_t idevice_get_handle(idevice_t device, uint32_t *handle) - { - if (!device) --- -2.9.3 - Deleted: 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch =================================================================== --- 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch 2017-11-10 22:45:23 UTC (rev 309408) +++ 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch 2017-11-10 22:51:11 UTC (rev 309409) @@ -1,41 +0,0 @@ -From 6070126868069f2ee01ea9414f4cfbe5de285267 Mon Sep 17 00:00:00 2001 -From: "Jay Freeman (saurik)" <sau...@saurik.com> -Date: Wed, 21 Oct 2015 00:39:14 -0700 -Subject: [PATCH] Fix installation_proxy when using GnuTLS instead of OpenSSL - ---- - src/idevice.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/idevice.c b/src/idevice.c -index 7c33cdd..b776e84 100644 ---- a/src/idevice.c -+++ b/src/idevice.c -@@ -393,10 +393,13 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_ - } - - if (connection->ssl_data) { --#ifdef HAVE_OPENSSL - uint32_t received = 0; - while (received < len) { -+#ifdef HAVE_OPENSSL - int r = SSL_read(connection->ssl_data->session, (void*)((char*)(data+received)), (int)len-received); -+#else -+ ssize_t r = gnutls_record_recv(connection->ssl_data->session, (void*)(data+received), (size_t)len-received); -+#endif - if (r > 0) { - received += r; - } else { -@@ -404,9 +407,6 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_ - } - } - debug_info("SSL_read %d, received %d", len, received); --#else -- ssize_t received = gnutls_record_recv(connection->ssl_data->session, (void*)data, (size_t)len); --#endif - if (received > 0) { - *recv_bytes = received; - return IDEVICE_E_SUCCESS; --- -2.5.0 - Deleted: 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch =================================================================== --- 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch 2017-11-10 22:45:23 UTC (rev 309408) +++ 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch 2017-11-10 22:51:11 UTC (rev 309409) @@ -1,54 +0,0 @@ -From 2a5868411c57e25802d2f16fd6b77601f10d0b72 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <n...@redhat.com> -Date: Fri, 29 Apr 2016 22:58:34 +0200 -Subject: [PATCH] Updated gnutls certificate callback to new API (backwards - compatible) - ---- - src/idevice.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/src/idevice.c b/src/idevice.c -index 5912aeb..f2de6a3 100644 ---- a/src/idevice.c -+++ b/src/idevice.c -@@ -642,7 +642,11 @@ static const char *ssl_error_to_string(int e) - /** - * Internally used gnutls callback function that gets called during handshake. - */ -+#if GNUTLS_VERSION_NUMBER >= 0x020b07 -+static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr2_st * st) -+#else - static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr_st * st) -+#endif - { - int res = -1; - gnutls_certificate_type_t type = gnutls_certificate_type_get(session); -@@ -650,7 +654,12 @@ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t - ssl_data_t ssl_data = (ssl_data_t)gnutls_session_get_ptr(session); - if (ssl_data && ssl_data->host_privkey && ssl_data->host_cert) { - debug_info("Passing certificate"); -+#if GNUTLS_VERSION_NUMBER >= 0x020b07 -+ st->cert_type = type; -+ st->key_type = GNUTLS_PRIVKEY_X509; -+#else - st->type = type; -+#endif - st->ncerts = 1; - st->cert.x509 = &ssl_data->host_cert; - st->key.x509 = ssl_data->host_privkey; -@@ -759,7 +768,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne - debug_info("enabling SSL mode"); - errno = 0; - gnutls_certificate_allocate_credentials(&ssl_data_loc->certificate); -+#if GNUTLS_VERSION_NUMBER >= 0x020b07 -+ gnutls_certificate_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback); -+#else - gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback); -+#endif - gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT); - gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL); - gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate); --- -2.9.3 - Deleted: 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch =================================================================== --- 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch 2017-11-10 22:45:23 UTC (rev 309408) +++ 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch 2017-11-10 22:51:11 UTC (rev 309409) @@ -1,29 +0,0 @@ -From 72643b2b83990b9cf97cc84b285b30763d44a72d Mon Sep 17 00:00:00 2001 -From: "Jay Freeman (saurik)" <sau...@saurik.com> -Date: Tue, 2 Aug 2016 03:08:04 -0700 -Subject: [PATCH] idevice: Update GnuTLS code to support iOS 10 - -As of iOS 10 beta 4, the GnuTLS implementation idevice_connection_enable_ssl -needs to be updated to support TLS. Using +VERS-TLS-ALL did not work on some -of the devices I tested and I wasn't sure how to fix it, but +VERS-TLS1.0 is -working on every device I've tested: iOS 9.0.2, 10.0b4, 8.1.1, 6.0, and 3.0. ---- - src/idevice.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/idevice.c b/src/idevice.c -index 1dcdae2..b6dfe4e 100644 ---- a/src/idevice.c -+++ b/src/idevice.c -@@ -774,7 +774,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne - gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback); - #endif - gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT); -- gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL); -+ gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-TLS1.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL); - gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate); - gnutls_session_set_ptr(ssl_data_loc->session, ssl_data_loc); - --- -2.9.3 - Deleted: 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch =================================================================== --- 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch 2017-11-10 22:45:23 UTC (rev 309408) +++ 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch 2017-11-10 22:51:11 UTC (rev 309409) @@ -1,171 +0,0 @@ -From 23069d10341ce637fdad7321d447c53752dba48c Mon Sep 17 00:00:00 2001 -From: Nikias Bassen <nik...@gmx.li> -Date: Fri, 4 Nov 2016 02:11:39 +0100 -Subject: [PATCH] userpref: [GnuTLS] Fix pairing record generation and improve - error handling - -In newer GnuTLS versions the parameters supplied to -gnutls_x509_privkey_import_rsa_raw() are actually checked for somewhat -sane values. Since we were passing the same values for all parameters, -this check fails and the device certificate is never generated. -However due to missing checks the pairing record was saved anyway, with -an empty device certificate. This led to TLS errors during communication, -leading to the "GnuTLS: Error in pull function" error message appearing -and the communication to fail. -This commit fixes the issue by passing some sane values, and also improves -the overall error handling during generation of the paring record. ---- - common/userpref.c | 85 +++++++++++++++++++++++++++++-------------------------- - 1 file changed, 45 insertions(+), 40 deletions(-) - -diff --git a/common/userpref.c b/common/userpref.c -index d22c7f5..3ae503a 100644 ---- a/common/userpref.c -+++ b/common/userpref.c -@@ -643,15 +643,13 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, host_cert_pem.data, &host_cert_export_size); - host_cert_pem.size = host_cert_export_size; - -- ret = USERPREF_E_UNKNOWN_ERROR; -- - gnutls_datum_t modulus = { NULL, 0 }; - gnutls_datum_t exponent = { NULL, 0 }; - - /* now decode the PEM encoded key */ -- gnutls_datum_t der_pub_key; -- if (GNUTLS_E_SUCCESS == gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key)) { -- -+ gnutls_datum_t der_pub_key = { NULL, 0 }; -+ int gnutls_error = gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key); -+ if (GNUTLS_E_SUCCESS == gnutls_error) { - /* initalize asn.1 parser */ - ASN1_TYPE pkcs1 = ASN1_TYPE_EMPTY; - if (ASN1_SUCCESS == asn1_array2tree(pkcs1_asn1_tab, &pkcs1, NULL)) { -@@ -670,8 +668,14 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - - ret1 = asn1_read_value(asn1_pub_key, "modulus", modulus.data, (int*)&modulus.size); - ret2 = asn1_read_value(asn1_pub_key, "publicExponent", exponent.data, (int*)&exponent.size); -- if (ASN1_SUCCESS == ret1 && ASN1_SUCCESS == ret2) -- ret = USERPREF_E_SUCCESS; -+ if (ret1 != ASN1_SUCCESS || ret2 != ASN1_SUCCESS) { -+ gnutls_free(modulus.data); -+ modulus.data = NULL; -+ modulus.size = 0; -+ gnutls_free(exponent.data); -+ exponent.data = NULL; -+ exponent.size = 0; -+ } - } - if (asn1_pub_key) - asn1_delete_structure(&asn1_pub_key); -@@ -679,12 +683,15 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - if (pkcs1) - asn1_delete_structure(&pkcs1); - } else { -- debug_info("WARNING: Could not read public key"); -+ debug_info("ERROR: Could not parse public key: %s", gnutls_strerror(gnutls_error)); - } - -- /* now generate certificates */ -- if (USERPREF_E_SUCCESS == ret && 0 != modulus.size && 0 != exponent.size) { -- gnutls_datum_t essentially_null = { (unsigned char*)strdup("abababababababab"), strlen("abababababababab") }; -+ /* generate device certificate */ -+ if (modulus.data && 0 != modulus.size && exponent.data && 0 != exponent.size) { -+ -+ gnutls_datum_t prime_p = { (unsigned char*)"\x00\xca\x4a\x03\x13\xdf\x9d\x7a\xfd", 9 }; -+ gnutls_datum_t prime_q = { (unsigned char*)"\x00\xf2\xff\xe0\x15\xd1\x60\x37\x63", 9 }; -+ gnutls_datum_t coeff = { (unsigned char*)"\x32\x07\xf1\x68\x57\xdf\x9a\xf4", 8 }; - - gnutls_x509_privkey_t fake_privkey; - gnutls_x509_crt_t dev_cert; -@@ -692,8 +699,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - gnutls_x509_privkey_init(&fake_privkey); - gnutls_x509_crt_init(&dev_cert); - -- if (GNUTLS_E_SUCCESS == gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &essentially_null, &essentially_null, &essentially_null, &essentially_null)) { -- /* generate device certificate */ -+ gnutls_error = gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &exponent, &prime_p, &prime_q, &coeff); -+ if (GNUTLS_E_SUCCESS == gnutls_error) { -+ /* now generate device certificate */ - gnutls_x509_crt_set_key(dev_cert, fake_privkey); - gnutls_x509_crt_set_serial(dev_cert, "\x00", 1); - gnutls_x509_crt_set_version(dev_cert, 3); -@@ -712,9 +720,8 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - } - - gnutls_x509_crt_set_key_usage(dev_cert, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT); -- gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey); -- -- if (USERPREF_E_SUCCESS == ret) { -+ gnutls_error = gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey); -+ if (GNUTLS_E_SUCCESS == gnutls_error) { - /* if everything went well, export in PEM format */ - size_t export_size = 0; - gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &export_size); -@@ -722,13 +729,11 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_cert_pem.data, &export_size); - dev_cert_pem.size = export_size; - } else { -- debug_info("ERROR: Signing device certificate with root private key failed!"); -+ debug_info("ERROR: Signing device certificate with root private key failed: %s", gnutls_strerror(gnutls_error)); - } -+ } else { -+ debug_info("ERROR: Failed to import RSA key data: %s", gnutls_strerror(gnutls_error)); - } -- -- if (essentially_null.data) -- free(essentially_null.data); -- - gnutls_x509_crt_deinit(dev_cert); - gnutls_x509_privkey_deinit(fake_privkey); - } -@@ -743,27 +748,27 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da - - gnutls_free(der_pub_key.data); - #endif -- if (NULL != root_cert_pem.data && 0 != root_cert_pem.size && -- NULL != host_cert_pem.data && 0 != host_cert_pem.size) -+ -+ /* make sure that we have all we need */ -+ if (root_cert_pem.data && 0 != root_cert_pem.size -+ && root_key_pem.data && 0 != root_key_pem.size -+ && host_cert_pem.data && 0 != host_cert_pem.size -+ && host_key_pem.data && 0 != host_key_pem.size -+ && dev_cert_pem.data && 0 != dev_cert_pem.size) { -+ /* now set keys and certificates */ -+ pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem); -+ pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem); -+ pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem); -+ pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem); -+ pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem); - ret = USERPREF_E_SUCCESS; -+ } - -- /* now set keys and certificates */ -- pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem); -- pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem); -- pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem); -- pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem); -- pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem); -- -- if (dev_cert_pem.data) -- free(dev_cert_pem.data); -- if (root_key_pem.data) -- free(root_key_pem.data); -- if (root_cert_pem.data) -- free(root_cert_pem.data); -- if (host_key_pem.data) -- free(host_key_pem.data); -- if (host_cert_pem.data) -- free(host_cert_pem.data); -+ free(dev_cert_pem.data); -+ free(root_key_pem.data); -+ free(root_cert_pem.data); -+ free(host_key_pem.data); -+ free(host_cert_pem.data); - - return ret; - } --- -2.9.3 - Deleted: CVE-2016-5104.patch =================================================================== --- CVE-2016-5104.patch 2017-11-10 22:45:23 UTC (rev 309408) +++ CVE-2016-5104.patch 2017-11-10 22:51:11 UTC (rev 309409) @@ -1,31 +0,0 @@ -From df1f5c4d70d0c19ad40072f5246ca457e7f9849e Mon Sep 17 00:00:00 2001 -From: Joshua Hill <posixni...@gmail.com> -Date: Tue, 29 Dec 2015 22:27:17 +0100 -Subject: [PATCH] common: [security fix] Make sure sockets only listen locally - ---- - common/socket.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/common/socket.c b/common/socket.c -index b276864..e2968a6 100644 ---- a/common/socket.c -+++ b/common/socket.c -@@ -172,7 +172,7 @@ int socket_create(uint16_t port) - - memset((void *) &saddr, 0, sizeof(saddr)); - saddr.sin_family = AF_INET; -- saddr.sin_addr.s_addr = htonl(INADDR_ANY); -+ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - saddr.sin_port = htons(port); - - if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) { -@@ -329,7 +329,7 @@ int socket_accept(int fd, uint16_t port) - - memset(&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; -- addr.sin_addr.s_addr = htonl(INADDR_ANY); -+ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - addr.sin_port = htons(port); - - addr_len = sizeof(addr); Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-11-10 22:45:23 UTC (rev 309408) +++ PKGBUILD 2017-11-10 22:51:11 UTC (rev 309409) @@ -4,45 +4,37 @@ # Contributor: Gabriel Martinez < reitaka at gmail dot com > pkgname=libimobiledevice -pkgver=1.2.0 -pkgrel=6 +pkgver=1.2.0+66+g5a85432 +pkgrel=1 pkgdesc="Library that talks the protocols to support iPhone and iPod Touch devices on Linux" url="http://libimobiledevice.org/" arch=('i686' 'x86_64') license=('GPL2' 'LGPL2.1') depends=('libusbmuxd' 'usbmuxd' 'gnutls') -makedepends=('python2' 'cython2' 'python' 'cython' 'libplist' 'autoconf-archive') -source=(http://libimobiledevice.org/downloads/$pkgname-$pkgver.tar.bz2 - 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch - CVE-2016-5104.patch - 0001-Add-new-function-to-get-the-underlying-file-descript.patch - 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch - 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch - 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch) -sha256sums=('786b0de0875053bf61b5531a86ae8119e320edab724fc62fe2150cc931f11037' - '9fb1523276f9ab4273f0065728c52792ec6c99c09d587c28175c748175106a09' - '30d8032244859adc85f11df00a5b3adb017160821ddf4b22a8528f9b104c0951' - 'a4a1844dfedc933cb998afbbe4b2066d8bcedf8d305990715160b957f754922c' - '9e03d66e15ad036e7e3b8639b07788a0c1959016444766ad63f708e722bd516c' - '173291a36ea08226c221643580c007f44e430867f345d8106395cce0f52a38c5' - '7d3c5a89ce6611c219d80255a1cce4a02de4ca00fb58c32e87733d9a0e20c4ce') +makedepends=('python2' 'cython2' 'python' 'cython' 'libplist' 'autoconf-archive' git python2-setuptools python-setuptools) +_commit=5a85432719fb3d18027d528f87d2a44b76fd3e12 # master +source=("git+https://github.com/libimobiledevice/libimobiledevice/#commit=$_commit") +sha256sums=('SKIP') +pkgver() { + cd $pkgname + git describe --tags | sed 's/-/+/g' +} + +check() { + cd build-py2 + make check +} + prepare() { - cd "$pkgname-$pkgver" - patch -Np1 -i ../0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch - patch -Np1 -i ../CVE-2016-5104.patch - patch -Np1 -i ../0001-Add-new-function-to-get-the-underlying-file-descript.patch - patch -Np1 -i ../0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch - patch -Np1 -i ../0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch - patch -Np1 -i ../0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch - sed -e 's/AC_PYTHON_DEVEL/AX_PYTHON_DEVEL/' -i m4/cython_python.m4 - autoreconf -fi + cd $pkgname + NOCONFIGURE=1 ./autogen.sh } build() { mkdir build-py2 pushd build-py2 - PYTHON=/usr/bin/python2 CYTHON=/usr/bin/cython2 ../$pkgname-$pkgver/configure --prefix=/usr --disable-openssl + PYTHON=/usr/bin/python2 CYTHON=/usr/bin/cython2 ../$pkgname/configure --prefix=/usr --disable-openssl sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool make popd @@ -49,7 +41,7 @@ mkdir build-py3 pushd build-py3 - PYTHON=/usr/bin/python CYTHON=/usr/bin/cython ../$pkgname-$pkgver/configure --prefix=/usr --disable-openssl + PYTHON=/usr/bin/python CYTHON=/usr/bin/cython ../$pkgname/configure --prefix=/usr --disable-openssl sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool make }